Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Iqdmz_wdmAnMFgv3bPb0W8atoDs.roa
File: Iqdmz_wdmAnMFgv3bPb0W8atoDs.roa (raw, json)
Hash identifier: 0rxlF7xNfrOyZPIWPHnVjkAK4Z9WMLIV9w0+V3ReyPE=
Subject key identifier: 22:A7:66:CF:FC:1D:98:09:CC:16:0B:F7:6C:F6:F4:5B:C6:AD:A0:3B
Certificate issuer: /CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Certificate serial: 04B94B1F
Authority key identifier: 27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Iqdmz_wdmAnMFgv3bPb0W8atoDs.roa
Signing time: Sat 01 Jan 2022 05:56:07 +0000
ROA not before: Sat 01 Jan 2022 05:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 5.181.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79252255 (0x4b94b1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=274d91cfa0a6db9bfd9154a441858e00e38bdbd6
Validity
Not Before: Jan 1 05:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22a766cffc1d9809cc160bf76cf6f45bc6ada03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:e3:93:28:c2:35:c3:66:d0:0d:a8:f2:d1:
1b:08:13:83:c6:0d:ed:ea:13:08:73:5e:c9:fc:36:
45:0a:45:99:75:a1:2c:0a:1d:e1:07:6e:8d:39:20:
03:09:fc:60:9c:21:76:97:f5:d5:2b:10:60:35:b5:
cb:1e:55:93:fa:79:ca:e7:d5:ea:03:28:fd:2b:29:
3c:80:71:4e:2a:c1:59:d2:df:50:13:86:be:64:f4:
d8:3b:37:0d:6c:3f:d9:de:51:30:39:c0:c1:53:2c:
1d:4c:7c:c0:f4:b9:0b:9a:92:e1:65:e7:ef:08:03:
a8:9c:06:b3:a2:0d:ff:37:e3:fe:d3:2b:d7:ac:ac:
b4:90:80:c5:e4:2c:3c:67:50:8d:ee:74:f3:9b:fc:
52:f8:07:25:40:d4:1a:a1:5b:64:c0:34:88:a8:fe:
3b:26:d2:99:db:92:4d:5e:62:6a:61:b4:54:cf:e5:
b5:eb:66:82:41:19:31:47:b2:73:2c:dd:e6:03:a1:
26:d1:e1:a6:a4:26:d2:f2:25:db:ff:57:74:29:d5:
cf:a0:9d:d1:0b:09:e4:84:ec:01:c9:fc:70:8a:75:
6b:f1:a8:2f:a2:4d:da:38:de:fe:5f:8b:a6:b1:a2:
91:ea:d4:11:98:db:4e:30:75:fd:d0:63:61:bd:ce:
2a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A7:66:CF:FC:1D:98:09:CC:16:0B:F7:6C:F6:F4:5B:C6:AD:A0:3B
X509v3 Authority Key Identifier:
keyid:27:4D:91:CF:A0:A6:DB:9B:FD:91:54:A4:41:85:8E:00:E3:8B:DB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J02Rz6Cm25v9kVSkQYWOAOOL29Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/Iqdmz_wdmAnMFgv3bPb0W8atoDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c51d58-e349-4231-864f-978234c3bb70/1/J02Rz6Cm25v9kVSkQYWOAOOL29Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.212.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:a5:0d:28:87:6e:52:d7:1c:59:cf:76:42:90:c1:bb:48:91:
e9:15:bb:b0:39:1c:ca:84:6b:bc:25:0c:5c:34:84:c7:7e:74:
5e:c6:97:dd:7e:44:0f:10:8d:15:d7:e7:4f:7f:a9:f1:53:0f:
5f:65:e3:6e:df:ce:3f:9a:eb:5a:6c:a1:55:fd:ca:ff:f9:b9:
71:95:53:ee:84:b6:1b:10:12:db:81:93:81:73:de:16:1f:cb:
27:c5:af:7d:3e:d7:44:2b:69:87:ba:8c:5c:4c:2b:d4:6e:12:
a5:56:4d:73:ac:31:ab:c5:96:34:00:bc:fa:e4:1f:ac:b6:32:
1f:6c:d8:31:a0:7c:a9:6b:1a:19:9a:04:fa:1d:d6:7c:c0:e2:
1a:b9:d1:c4:16:48:fb:ed:e6:4c:a5:c7:22:31:29:39:22:a7:
c7:69:55:e6:dd:af:f1:6c:e2:4a:93:29:f5:0a:7a:d2:39:fe:
b0:54:07:b5:6b:4d:51:31:fc:ba:2e:00:e5:86:67:6f:46:7d:
c4:82:17:3c:38:d2:76:b5:e4:f2:57:ae:fe:d8:5f:33:9b:9e:
ee:80:e4:3f:6c:41:9b:76:07:75:0a:c2:4b:7a:2f:b9:ad:ab:
63:ac:31:d3:64:46:12:d3:81:73:ea:8d:94:4d:f1:8c:4d:e6:
28:51:f9:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBLlLHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzRkOTFjZmEwYTZkYjliZmQ5MTU0YTQ0MTg1OGUwMGUzOGJkYmQ2MB4XDTIyMDEw
MTA1NTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJhNzY2Y2ZmYzFk
OTgwOWNjMTYwYmY3NmNmNmY0NWJjNmFkYTAzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8R45MowjXDZtANqPLRGwgTg8YN7eoTCHNeyfw2RQpFmXWh
LAod4QdujTkgAwn8YJwhdpf11SsQYDW1yx5Vk/p5yufV6gMo/SspPIBxTirBWdLf
UBOGvmT02Ds3DWw/2d5RMDnAwVMsHUx8wPS5C5qS4WXn7wgDqJwGs6IN/zfj/tMr
16ystJCAxeQsPGdQje5085v8UvgHJUDUGqFbZMA0iKj+OybSmduSTV5iamG0VM/l
tetmgkEZMUeycyzd5gOhJtHhpqQm0vIl2/9XdCnVz6Cd0QsJ5ITsAcn8cIp1a/Go
L6JN2jje/l+LprGikerUEZjbTjB1/dBjYb3OKtcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQip2bP/B2YCcwWC/ds9vRbxq2gOzAfBgNVHSMEGDAWgBQnTZHPoKbbm/2R
VKRBhY4A44vb1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0owMlJ6NkNtMjV2OWtWU2tRWVdPQU9PTDI5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvYzUxZDU4LWUzNDktNDIzMS04NjRmLTk3ODIzNGMzYmI3MC8x
L0lxZG16X3dkbUFuTUZndjNiUGIwVzhhdG9Ecy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
YzUxZDU4LWUzNDktNDIzMS04NjRmLTk3ODIzNGMzYmI3MC8xL0owMlJ6NkNtMjV2
OWtWU2tRWVdPQU9PTDI5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgW11DANBgkqhkiG9w0BAQsFAAOC
AQEACqUNKIduUtccWc92QpDBu0iR6RW7sDkcyoRrvCUMXDSEx350XsaX3X5EDxCN
FdfnT3+p8VMPX2Xjbt/OP5rrWmyhVf3K//m5cZVT7oS2GxAS24GTgXPeFh/LJ8Wv
fT7XRCtph7qMXEwr1G4SpVZNc6wxq8WWNAC8+uQfrLYyH2zYMaB8qWsaGZoE+h3W
fMDiGrnRxBZI++3mTKXHIjEpOSKnx2lV5t2v8WziSpMp9Qp60jn+sFQHtWtNUTH8
ui4A5YZnb0Z9xIIXPDjSdrXk8leu/thfM5ue7oDkP2xBm3YHdQrCS3ovua2rY6wx
02RGEtOBc+qNlE3xjE3mKFH55Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:22 2025 by rpki-client